PULSE
LIVE44signals / 24h
FEED
ransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcare
← All CVEs
CVE Watch

CVE-2021-28799

QNAP NAS Improper Authorization Vulnerability

CVSS

No CVSS

EPSS

78.3%

p100

KEV

YES

Mar 31, 2022

Exploit Today

80

0-100

Published: · Last modified:

EPSS · 30d
78.3%EPSS · 30 days78.4%
2026-06-302026-07-16
KEV catalog record

Product

QNAP / Network Attached Storage (NAS)

Vulnerability

QNAP NAS Improper Authorization Vulnerability

Added to KEV

Mar 31, 2022

Remediate by

Apr 21, 2022

Known ransomware use

Yes

Summary description

QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

Required action

Apply updates per vendor instructions.

Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-28799

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-19949
97.6%
KEV79QNAP NAS File Station Command Injection Vulnerability
CVE-2018-19953
97.6%
KEV79QNAP NAS File Station Cross-Site Scripting Vulnerability
CVE-2018-19943
96.8%
KEV79QNAP NAS File Station Cross-Site Scripting Vulnerability